Authenticated vs. guest users

I have configured a basic Debian installation to authenticate using LDAP (openldap) as I’ve described here:

Now I am trying to allow guests to enter a room after it has been created without any authentication.

I have tried enabling anonymousdomain: ‘guest.jitsi.example.com’ in /etc/jitsi/meet/jitsi.example.com-config.js and adding a VirtualHost to prosodys /etc/prosody/conf.avail/jitsi.example.com.cfg.lua

VirtualHost "guest.jitsi.example.com"
    authentication = "anonymous"
    c2s_require_encryption = false

But as soon as I enable the anonymousdomain, people are allowed to create rooms without authentication.

What do I have to change to configure authentication for room creation, but none for guests that visit an existing room?