Some insights with the symptoms you have described.

If users are able to successfully start a SAS/Studio session via IE - I assume here that users have to logon in the browser a second time using their Windows credentials rather than using single sign-on - then there is nothing wrong with the way those users are defined in SAS metadata and at the OS level in Active Directory. They will have the correct "logon as batch job" setting.

Check the metadata server log to see if there are any errors with the users having sign-on problems. Please report what you find.

The 4-5 hour involuntary timeout is most likely caused by firewall rules. Check with your IT security folks.

@SASKiwi  Thank you for your inputs. Could you tell me if the internal SAS account (sassvcs) also need to have 'Logon as a batch job' privileges? I was told so at a previous engagement that both the users and the internal account need to have 'logon as a batch job' privilege.

I shared the middle-tier logs and object spawner logs with SAS support. We were able to identify atleast within the object spawner log the records for the error-

2020-MM-DDT08:21:20,536 INFO [01044752] : (USERID) - New client connection (98361) accepted from server port 8591 for SAS token user (USERID). Encryption level is Everything using encryption algorithm RC2. Peer IP address and port are [someipaddress]:someipaddress for APPNAME=Web Infra Platform Services 9.4 - SAS Studio Mid-Tier 3.6.
2020-MM-DDT08:21:20,536 ERROR [01044752] :(userid) - No host credentials exist to start this server. Either the client needs to send in host credentials, or credentials need to be specified for the server.
2020-MM-DDT08:21:20,536 INFO [01044752] :SYSTEM@myserver - Client connection 98361 for user USERID closed.
2020-MM-DDT08:21:20,536 INFO [00000009] :SYSTEM@myserver - Client connection 97113 for user USERID closed.

How do I check the metadata logs?

@saspert - You can find the metadata logs in: \\MySASMetadataServer\MySASInstallFolder\SAS\Config\Lev1\SASMeta\MetadataServer\Logs

Regarding sassvcs - What are you using that for? If it is just running OS-level commands then it would need to be an OS account as well with access to the SAS servers. Probably doesn't need logon as batch permissions.

@SASKiwi My client still has this issue. Now the client's IT team might do away with IE completely (without giving us enough time to upgrade to the latest version of SAS 9.4M7). Any other ideas that I can try (besides checking the metadata logs)? I have attached a screenshot now. 

What's the problem with checking server logs? Posting screen shot errors doesn't provide many clues as to what is going wrong.

The posts by @jcFranklin and @gwootton provide details for you to follow up.

Hi
When we hit the URL of SAS Studio for login into it, it redirects to other URLs internally. While trying to access it through Chrome, try copying and pasting the exact URL of the SAS Studio and then do the login. I used to get errors while trying to use the SAS Studio URL saved in Chrome history. The errors stopped when when I started using the the exact URL saved in the favorites. You might be facing similar issues.

@sandeeppajni2  I dont think the issue you mentioned and the issue I am talking about are the same. I am facing the same issue with both chrome/edge browsers. 

Hi @saspert:

Okay. Just to let you know that we recently started facing some problems in accessing SAS Studio, whereas SAS EG was connecting fine, after every instance of complete reboot of SAS services. It turned out to be an issue in the SAS Deployment Backup not completing in time and taking more than usual. So, sometimes the  deployment of web services (SASServer1_1, which plays a major role in running the SAS Studio) was not happening completely after the reboot of the SAS Services. We excluded the backup deployment xml file (SASDeploymentBackup.xml) in the location: ../Lev1/Web/WebAppServer/SASServer1_1/conf/Catalina/localhost, and then the deployment of configurations started happening in time without issues, which fixed the SAS Studio login issue too.
It might be helpful to try following these steps in your case too. You need to first stop the SAS Web services, remove the file, and start the services again to do this.

The error message "The native implementation module for the security package could not be found in the path." is typically related to the configuration of Kerberos delegation.

In the User Managment Console in Active Directory > Delegation Tab, for the SPN entry is the "trust this user for delegation to any service (kerberos only)" check box selected?