It's not permanently locked though.
Apparently it's not configured like that by default and even if it is, just configure it differently if you want a different behaviour ¯\_(ツ)_/¯
Moving over to Linux is a great idea, if you have found a good way to manage them and your users are accepting.
Either way, I have never noticed this issue and we manage hundreds of Windows computers
You know I can take that drive out and just try to brute force it a million times per second without that silly rule being in my way, right? It's an anti security pattern similar to requiring password changes every week, it's a bad idea.
Nah, not really. I get what you mean, but the feature is obviously intended to lock the drive after a few failed logins because the user's password is generally way less secure than the bitlocker recovery key/encryption key. Brute forcing a 48 digit key is practically impossible while brute forcing a user's password is child's play in comparison.
So in my opinion it sounds like a pretty good idea to include that feature in the security baseline. It's not really Microsoft's fault that you pushed out security baseline settings without checking what they do first. But since you actually did some testing with bitlocker, the impact wasn't that bad. So just adjust or disable the feature and move on.
Keep in mind that giving out the highest possible sentences to crimes that could be worse (like murder) essentially gives someone that's committing the lesser crime (rape in this case) free range to commit any worse crimes because the sentence can't be worse anyway.
If someone is fucked up enough to rape someone, chances are that they will see it as a positive that they can kill the victim and leave behind no living witnesses and without risking a worse punishment.
Even if rapists won't kill anyone, they might still be less likely to restrain themselves to cause additional harm to the victim.