on my Plone 5 website I've got the issue, that normal users (so without Manager role or higher) are not able to EDIT existing content, once it is externally published.
They need to set the status on "internal", though they're still able to add new content.
Is there any better solution?
Customize the related workflow. In particular adjust the role mapping for the
Modify Portal Content permission.
These permissions are usually managed by the workflow definition.
Is this the intranet workflow?
See demo site (admin/admin):
Perhaps you want to grant the edit permission to Members and/or Editors...think about what you actually want and need.